refactor file struct

2025-12-14 11:49:50 -06:00
parent e6a7dc4993
commit 71552911b1
18 changed files with 86 additions and 76 deletions

0
src/app/client.rs Normal file

2
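--- a/src/app/mod.rs
+++ b/src/app/mod.rs
@@ -0,0 +1,2 @@
+mod client;
+mod server;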

0
src/app/server.rs Normal file


@@ -1,2 +1,4 @@
pub mod nkode;
pub mod opaque; pub mod opaque;
pub mod app;
pub mod repository;
pub mod models;

1
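--- a/src/models/mod.rs
+++ b/src/models/mod.rs
@@ -0,0 +1 @@
+pub mod opaque;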


@@ -1 +0,0 @@
use nkode_rs::nkode_core::policy::DEFAULT_POLICY;


@@ -9,7 +9,7 @@ use opaque_ke::{
RegistrationRequest, RegistrationRequest,
}; };
use crate::opaque::models::{RegisterSession, LoginSession, NKodeCipherSuite, PasswordFile}; use crate::models::opaque::{RegisterSession, LoginSession, NKodeCipherSuite, PasswordFile};


@@ -1,6 +1,2 @@
pub mod server; pub mod server;
pub mod models;
pub mod client; pub mod client;
pub mod in_memory_auth_repo;
pub mod in_memory_auth_session;
pub mod in_memory_transport;


@@ -4,25 +4,8 @@ use opaque_ke::{
ServerRegistration, ServerRegistration,
}; };
use uuid::Uuid; use uuid::Uuid;
use crate::opaque::models::{RegisterSession, LoginSession, NKodeCipherSuite, NKodeServerSetup, PasswordFile}; use crate::models::opaque::{LoginSession, NKodeCipherSuite, NKodeServerSetup, PasswordFile, RegisterSession};
use crate::repository::opaque::repos::{OpaqueDatabaseRepo, AuthRepoError, OpaqueSessionRepo};
#[derive(Debug)]
pub enum AuthRepoError {
UserExists,
KeyNotRegistered,
CodeNotRegistered,
}
pub trait AuthRepo {
fn new_key(&mut self, identifier: &[u8], password_file: PasswordFile) -> Result<(), AuthRepoError>;
fn new_code(&mut self, identifier: &[u8], password_file: PasswordFile) -> Result<(), AuthRepoError>;
fn has_code(&self, identifier: &[u8]) -> bool;
fn has_key(&self, identifier: &[u8]) -> bool;
fn get_key_passcode_file(&self, identifier: &[u8]) -> Result<PasswordFile, AuthRepoError>;
fn get_code_passcode_file(&self, identifier: &[u8]) -> Result<PasswordFile, AuthRepoError>;
}
pub struct RegCache { pub struct RegCache {
pub session_id: Uuid, pub session_id: Uuid,
@@ -35,25 +18,11 @@ pub struct LoginCache {
pub server_login: ServerLogin<NKodeCipherSuite>, pub server_login: ServerLogin<NKodeCipherSuite>,
} }
pub trait AuthSession {
fn new_reg_session(&mut self, identifier: &[u8]) -> Result<RegCache, String>;
fn get_reg_session(&self, session_id: &Uuid) -> Result<RegCache, String>;
fn clear_reg_session(&mut self, session_id: &Uuid) -> Result<(), String>;
fn new_login_session(
&mut self,
identifier: &[u8],
server_login: ServerLogin<NKodeCipherSuite>,
) -> Result<LoginCache, String>;
fn get_login_session(&self, session_id: &Uuid) -> Result<LoginCache, String>;
fn clear_login_session(&mut self, session_id: &Uuid) -> Result<(), String>;
}
pub trait CredKind { pub trait CredKind {
fn has<R: AuthRepo>(repo: &R, id: &[u8]) -> bool; fn has<R: OpaqueDatabaseRepo>(repo: &R, id: &[u8]) -> bool;
fn get_pf<R: AuthRepo>(repo: &R, id: &[u8]) -> Result<PasswordFile, AuthRepoError>; fn get_pf<R: OpaqueDatabaseRepo>(repo: &R, id: &[u8]) -> Result<PasswordFile, AuthRepoError>;
fn put_pf<R: AuthRepo>(repo: &mut R, id: &[u8], pf: PasswordFile) -> Result<(), AuthRepoError>; fn put_pf<R: OpaqueDatabaseRepo>(repo: &mut R, id: &[u8], pf: PasswordFile) -> Result<(), AuthRepoError>;
fn prereq_for_register<R: AuthRepo>(_repo: &R, _id: &[u8]) -> Result<(), AuthRepoError> { fn prereq_for_register<R: OpaqueDatabaseRepo>(_repo: &R, _id: &[u8]) -> Result<(), AuthRepoError> {
Ok(()) Ok(())
} }
} }
@@ -62,28 +31,28 @@ pub struct Key;
pub struct Code; pub struct Code;
impl CredKind for Key { impl CredKind for Key {
fn has<R: AuthRepo>(repo: &R, id: &[u8]) -> bool { fn has<R: OpaqueDatabaseRepo>(repo: &R, id: &[u8]) -> bool {
repo.has_key(id) repo.has_key(id)
} }
fn get_pf<R: AuthRepo>(repo: &R, id: &[u8]) -> Result<PasswordFile, AuthRepoError> { fn get_pf<R: OpaqueDatabaseRepo>(repo: &R, id: &[u8]) -> Result<PasswordFile, AuthRepoError> {
repo.get_key_passcode_file(id) repo.get_key_passcode_file(id)
} }
fn put_pf<R: AuthRepo>(repo: &mut R, id: &[u8], pf: PasswordFile) -> Result<(), AuthRepoError> { fn put_pf<R: OpaqueDatabaseRepo>(repo: &mut R, id: &[u8], pf: PasswordFile) -> Result<(), AuthRepoError> {
repo.new_key(id, pf) repo.new_key(id, pf)
} }
} }
impl CredKind for Code { impl CredKind for Code {
fn has<R: AuthRepo>(repo: &R, id: &[u8]) -> bool { fn has<R: OpaqueDatabaseRepo>(repo: &R, id: &[u8]) -> bool {
repo.has_code(id) repo.has_code(id)
} }
fn get_pf<R: AuthRepo>(repo: &R, id: &[u8]) -> Result<PasswordFile, AuthRepoError> { fn get_pf<R: OpaqueDatabaseRepo>(repo: &R, id: &[u8]) -> Result<PasswordFile, AuthRepoError> {
repo.get_code_passcode_file(id) repo.get_code_passcode_file(id)
} }
fn put_pf<R: AuthRepo>(repo: &mut R, id: &[u8], pf: PasswordFile) -> Result<(), AuthRepoError> { fn put_pf<R: OpaqueDatabaseRepo>(repo: &mut R, id: &[u8], pf: PasswordFile) -> Result<(), AuthRepoError> {
repo.new_code(id, pf) repo.new_code(id, pf)
} }
fn prereq_for_register<R: AuthRepo>(repo: &R, id: &[u8]) -> Result<(), AuthRepoError> { fn prereq_for_register<R: OpaqueDatabaseRepo>(repo: &R, id: &[u8]) -> Result<(), AuthRepoError> {
if repo.has_key(id) { if repo.has_key(id) {
Ok(()) Ok(())
} else { } else {
@@ -92,13 +61,13 @@ impl CredKind for Code {
} }
} }
pub struct OpaqueAuth<R: AuthRepo, S: AuthSession> { pub struct OpaqueAuth<R: OpaqueDatabaseRepo, S: OpaqueSessionRepo> {
server_setup: NKodeServerSetup, server_setup: NKodeServerSetup,
user_repo: R, user_repo: R,
session: S, session: S,
} }
impl<R: AuthRepo, S: AuthSession> OpaqueAuth<R, S> { impl<R: OpaqueDatabaseRepo, S: OpaqueSessionRepo> OpaqueAuth<R, S> {
pub fn new(server_setup: NKodeServerSetup, user_repo: R, session: S) -> Self { pub fn new(server_setup: NKodeServerSetup, user_repo: R, session: S) -> Self {
Self { server_setup, user_repo, session } Self { server_setup, user_repo, session }
} }
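Review bot: The default body of `CredKind::prereq_for_register` returns `Ok(())`, so the registration gate fails open: in the visible impls only `Code` overrides it (to require an existing key), and any credential kind added later gets no prerequisite unless its author remembers to override it. Since the trait signatures are being touched here anyway, a doc comment would make that contract explicit, e.g. `/// Gate run before registration; the default allows every identifier, so a kind that depends on another credential must override this.` Removing the default body, so that each impl has to state its gate, is the stricter alternative. How `OpaqueAuth` calls this hook is outside the visible hunks.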

1
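--- a/src/repository/mod.rs
+++ b/src/repository/mod.rs
@@ -0,0 +1 @@
+pub mod opaque;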


@@ -1,7 +1,6 @@
use std::collections::HashMap; use std::collections::HashMap;
use crate::models::opaque::PasswordFile;
use crate::opaque::models::PasswordFile; use crate::repository::opaque::repos::{OpaqueDatabaseRepo, AuthRepoError};
use crate::opaque::server::{AuthRepo, AuthRepoError};
#[derive(Debug, Default)] #[derive(Debug, Default)]
pub struct InMemoryAuthRepo { pub struct InMemoryAuthRepo {
@@ -29,7 +28,7 @@ impl InMemoryAuthRepo {
} }
} }
impl AuthRepo for InMemoryAuthRepo { impl OpaqueDatabaseRepo for InMemoryAuthRepo {
fn new_key( fn new_key(
&mut self, &mut self,
identifier: &[u8], identifier: &[u8],


@@ -1,8 +1,9 @@
use std::collections::HashMap; use std::collections::HashMap;
use crate::opaque::server::{RegCache, LoginCache, AuthSession}; use crate::opaque::server::{LoginCache, RegCache};
use opaque_ke::{ServerLogin}; use opaque_ke::ServerLogin;
use crate::opaque::models::NKodeCipherSuite;
use uuid::Uuid; use uuid::Uuid;
use crate::models::opaque::NKodeCipherSuite;
use crate::repository::opaque::repos::OpaqueSessionRepo;
#[derive(Default)] #[derive(Default)]
pub struct InMemoryAuthSession { pub struct InMemoryAuthSession {
@@ -16,7 +17,7 @@ impl InMemoryAuthSession {
} }
} }
impl AuthSession for InMemoryAuthSession { impl OpaqueSessionRepo for InMemoryAuthSession {
fn new_reg_session(&mut self, identifier: &[u8]) -> Result<RegCache, String> { fn new_reg_session(&mut self, identifier: &[u8]) -> Result<RegCache, String> {
let cache = RegCache { let cache = RegCache {
session_id: Uuid::new_v4(), session_id: Uuid::new_v4(),
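Review bot: `use crate::opaque::server::{LoginCache, RegCache};` makes the repository layer depend on the protocol module, while the server module in this same commit now imports `OpaqueDatabaseRepo`, `AuthRepoError` and `OpaqueSessionRepo` from `crate::repository::opaque::repos`, so the two modules reference each other. The newly added repos file carries the same import. Rust accepts this within one crate, but it blurs the layering this refactor introduces; moving `RegCache` and `LoginCache` next to the other session types in `crate::models::opaque` would make the dependency one-way. The impl body continues outside this hunk.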


@@ -4,11 +4,11 @@ use tokio::sync::Mutex;
use std::sync::Arc; use std::sync::Arc;
use uuid::Uuid; use uuid::Uuid;
use opaque_ke::{CredentialFinalization, CredentialRequest, RegistrationRequest}; use opaque_ke::{CredentialFinalization, CredentialRequest, RegistrationRequest};
use crate::models::opaque::{LoginSession, NKodeCipherSuite, NKodeServerSetup, PasswordFile, RegisterSession};
use crate::opaque::client::{ClientAuthError, ServerConnectionLogin, ServerConnectionRegister}; use crate::opaque::client::{ClientAuthError, ServerConnectionLogin, ServerConnectionRegister};
use crate::opaque::models::{LoginSession, RegisterSession, NKodeCipherSuite, NKodeServerSetup, PasswordFile};
use crate::opaque::server::{OpaqueAuth, CredKind, Key, Code}; use crate::opaque::server::{OpaqueAuth, CredKind, Key, Code};
use crate::opaque::in_memory_auth_repo::InMemoryAuthRepo; use crate::repository::opaque::in_memory::in_memory_auth_repo::InMemoryAuthRepo;
use crate::opaque::in_memory_auth_session::InMemoryAuthSession; use crate::repository::opaque::in_memory::in_memory_auth_session::InMemoryAuthSession;
pub struct InMemoryServer<K: CredKind> { pub struct InMemoryServer<K: CredKind> {
auth: OpaqueAuth<InMemoryAuthRepo, InMemoryAuthSession>, auth: OpaqueAuth<InMemoryAuthRepo, InMemoryAuthSession>,
@@ -24,7 +24,6 @@ impl<K: CredKind> InMemoryServer<K> {
} }
} }
/// Convenience aliases
pub type InMemoryKeyServer = InMemoryServer<Key>; pub type InMemoryKeyServer = InMemoryServer<Key>;
pub type InMemoryCodeServer = InMemoryServer<Code>; pub type InMemoryCodeServer = InMemoryServer<Code>;
@@ -90,19 +89,19 @@ where
} }
} }
pub struct SharedServer<K> { pub struct InMemSharedServer<K> {
inner: Arc<Mutex<OpaqueAuth<InMemoryAuthRepo, InMemoryAuthSession>>>, inner: Arc<Mutex<OpaqueAuth<InMemoryAuthRepo, InMemoryAuthSession>>>,
_k: PhantomData<K>, _k: PhantomData<K>,
} }
impl<K> SharedServer<K> { impl<K> InMemSharedServer<K> {
pub fn new(inner: Arc<Mutex<OpaqueAuth<InMemoryAuthRepo, InMemoryAuthSession>>>) -> Self { pub fn new(inner: Arc<Mutex<OpaqueAuth<InMemoryAuthRepo, InMemoryAuthSession>>>) -> Self {
Self { inner, _k: PhantomData } Self { inner, _k: PhantomData }
} }
} }
#[async_trait::async_trait] #[async_trait::async_trait]
impl<K> ServerConnectionRegister for SharedServer<K> impl<K> ServerConnectionRegister for InMemSharedServer<K>
where where
K: CredKind + Send + Sync, K: CredKind + Send + Sync,
{ {
@@ -132,7 +131,7 @@ where
} }
#[async_trait::async_trait] #[async_trait::async_trait]
impl<K> ServerConnectionLogin for SharedServer<K> impl<K> ServerConnectionLogin for InMemSharedServer<K>
where where
K: CredKind + Send + Sync, K: CredKind + Send + Sync,
{ {


@@ -0,0 +1,3 @@
pub mod in_memory_auth_repo;
pub mod in_memory_transport;
pub mod in_memory_auth_session;


@@ -0,0 +1,2 @@
pub mod in_memory;
pub mod repos;


@@ -0,0 +1,36 @@
use uuid::Uuid;
use opaque_ke::ServerLogin;
use crate::models::opaque::{NKodeCipherSuite, PasswordFile};
use crate::opaque::server::{LoginCache, RegCache};
#[derive(Debug)]
pub enum AuthRepoError {
UserExists,
KeyNotRegistered,
CodeNotRegistered,
}
pub trait OpaqueDatabaseRepo {
fn new_key(&mut self, identifier: &[u8], password_file: PasswordFile) -> Result<(), AuthRepoError>;
fn new_code(&mut self, identifier: &[u8], password_file: PasswordFile) -> Result<(), AuthRepoError>;
fn has_code(&self, identifier: &[u8]) -> bool;
fn has_key(&self, identifier: &[u8]) -> bool;
fn get_key_passcode_file(&self, identifier: &[u8]) -> Result<PasswordFile, AuthRepoError>;
fn get_code_passcode_file(&self, identifier: &[u8]) -> Result<PasswordFile, AuthRepoError>;
}
pub trait OpaqueSessionRepo {
fn new_reg_session(&mut self, identifier: &[u8]) -> Result<RegCache, String>;
fn get_reg_session(&self, session_id: &Uuid) -> Result<RegCache, String>;
fn clear_reg_session(&mut self, session_id: &Uuid) -> Result<(), String>;
fn new_login_session(
&mut self,
identifier: &[u8],
server_login: ServerLogin<NKodeCipherSuite>,
) -> Result<LoginCache, String>;
fn get_login_session(&self, session_id: &Uuid) -> Result<LoginCache, String>;
fn clear_login_session(&mut self, session_id: &Uuid) -> Result<(), String>;
}
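Review bot: `OpaqueSessionRepo` exposes `get_login_session(&self, …)` and `clear_login_session` as separate calls, so the trait itself does not make the stored `ServerLogin` state single-use. The in-memory transport wraps `OpaqueAuth` in one `Mutex`, but a backend whose calls are not serialised that way could let two finish requests read the same session before either clears it. A consuming method such as `fn take_login_session(&mut self, session_id: &Uuid) -> Result<LoginCache, String>;` (and the equivalent for registration sessions) would make fetch-and-invalidate a single step. The new traits also have no doc comments; they should state whether sessions expire and what the `String` error may contain, given that these errors sit on the authentication path.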


@@ -2,11 +2,11 @@ use std::sync::Arc;
use opaque_ke::rand::rngs::OsRng; use opaque_ke::rand::rngs::OsRng;
use tokio::sync::Mutex; use tokio::sync::Mutex;
use nkode_protocol::opaque::client::{AuthenticationData, OpaqueAuthentication, ClientAuthError}; use nkode_protocol::opaque::client::{AuthenticationData, OpaqueAuthentication, ClientAuthError};
use nkode_protocol::opaque::in_memory_auth_repo::InMemoryAuthRepo; use nkode_protocol::models::opaque::NKodeServerSetup;
use nkode_protocol::opaque::in_memory_auth_session::InMemoryAuthSession;
use nkode_protocol::opaque::in_memory_transport::{InMemoryKeyServer, InMemoryCodeServer, SharedServer};
use nkode_protocol::opaque::models::NKodeServerSetup;
use nkode_protocol::opaque::server::{Code, Key, OpaqueAuth}; use nkode_protocol::opaque::server::{Code, Key, OpaqueAuth};
use nkode_protocol::repository::opaque::in_memory::in_memory_auth_repo::InMemoryAuthRepo;
use nkode_protocol::repository::opaque::in_memory::in_memory_auth_session::InMemoryAuthSession;
use nkode_protocol::repository::opaque::in_memory::in_memory_transport::{InMemoryCodeServer, InMemoryKeyServer, InMemSharedServer};
#[tokio::test] #[tokio::test]
async fn opaque_key_registration_and_login_roundtrip() { async fn opaque_key_registration_and_login_roundtrip() {
@@ -32,8 +32,8 @@ async fn opaque_code_registration_and_login_roundtrip() {
InMemoryAuthRepo::new(), InMemoryAuthRepo::new(),
InMemoryAuthSession::new(), InMemoryAuthSession::new(),
))); )));
let mut key_server = SharedServer::<Key>::new(shared.clone()); let mut key_server = InMemSharedServer::<Key>::new(shared.clone());
let mut code_server = SharedServer::<Code>::new(shared.clone()); let mut code_server = InMemSharedServer::<Code>::new(shared.clone());
let email = "c@d.com"; let email = "c@d.com";
let key_auth = AuthenticationData::from_secret_key(email, b"supersecret16bytes"); let key_auth = AuthenticationData::from_secret_key(email, b"supersecret16bytes");
OpaqueAuthentication::register(&key_auth, &mut key_server) OpaqueAuthentication::register(&key_auth, &mut key_server)